All You Need To Know About WannaCry Ransomware

WannaCry ransomware locks up files, but XP users may now have a way of recovering them but only if they haven’t restarted their machine. “People didn’t patch and a huge number of those hit were running versions of Windows that were either way out of date or pirated”. Starting first in the United Kingdom and Spain, the malicious “WannaCrypt” software quickly spread globally, blocking customers from their data unless they paid a ransom using Bitcoin.

An exploit discovered and built upon by the USA’s National Security Agency called EternalBlue was leaked by a group called the Shadow Brokers earlier this year. Its failure to give older versions the same protection found on Windows 10 – covering the security gap found and exploited but kept secret by the NSA – left millions of users vulnerable.

They exploited a ideal storm of factors – the Windows hole, the ability to get ransom paid in digital currency, poor security practices – but it’s unclear if the payoff, at least so far, was worth the trouble.

The researchers, however, added that “wanawiki” will only work on computers that have not been rebooted since being infected and if the owners use it before the files are permanently locked.

According to Beaumont, infections on these versions of Windows caused the greatest problems at the NHS. However, the developers believe that it could well also work with Windows 2008 and Vista – leaving out Windows 10, which is already protected by a patch pushed out by Microsoft in March. So, they analyze weaknesses in your operating system’s code and keep a figurative vault of ways to hack into computers, like how the CDC stores real viruses.

In previous year India has seen at least three sophisticated ransomware attacks on Indian companies and banks. We can certainly question whether they are having much impact given the scale of the recent Ransomware attack. However, California-based cyber risk modeling firm, Cyence, forecasts the economic damage to be $4 billion inclusive of costs associated with businesses interruption. “Many of these same folks are running systems with outdated operating system versions”.

However, if you do pay, you’re only fueling the fire. Usually used by cyber criminals, ransomware is a popular means of making illicit money from victims who have to pay the criminals in order to have their data decrypted.

Some ransomware does also sometimes targets backup files, though. Various security researchers have noted that the worm that spread the ransomware didn’t infect Windows XP machines.